CVE-2009-1545

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4, XP SP2, XP SP3, Server 2003 SP2, Vista Gold, Vista SP1, Vista SP2, Server 2008 Gold, Server 2008 SP2

Description: A remote code execution issue exists in the way Microsoft Windows handles specially crafted AVI format files. This could allow code execution if a user opens a specially crafted AVI file. If successfully exploited, an attacker could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with fewer user rights on the system compared to those operating with administrative user rights.

Recommendations: For Windows 2000 SP4, consider applying the relevant security update to resolve the issue. For Windows XP SP2 and SP3, apply the security update to fix the vulnerability. For Windows Server 2003 SP2, install the update to mitigate the risk. For Windows Vista Gold, SP1, and SP2, apply the security patch to resolve the issue. For Windows Server 2008 Gold and SP2, install the relevant security update to fix the vulnerability.